[security-announce] SUSE-SU-2013:0508-1: important: Security update for rubygem-merb-core
SUSE Security Update: Security update for rubygem-merb-core ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0508-1 Rating: important References: #805759 Cross-References: CVE-2012-2695 CVE-2012-5664 CVE-2012-6109 CVE-2013-0155 CVE-2013-0156 CVE-2013-0183 CVE-2013-0184 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: rubygem-merb-core has been updated to change the rack version dependency. Now any rack 1.1 version is accepted. This update needs to be installed in parallel with the 2.3.17 rails update. Security Issue references: * CVE-2013-0184 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184
* CVE-2012-6109 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109
* CVE-2013-0183 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183
* CVE-2012-5664 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5664
* CVE-2012-2695 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2695
* CVE-2013-0155 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
* CVE-2013-0156 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156
Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-rubygem-merb-core-7405 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): rubygem-merb-core-1.1.3-0.9.1 References: http://support.novell.com/security/cve/CVE-2012-2695.html http://support.novell.com/security/cve/CVE-2012-5664.html http://support.novell.com/security/cve/CVE-2012-6109.html http://support.novell.com/security/cve/CVE-2013-0155.html http://support.novell.com/security/cve/CVE-2013-0156.html http://support.novell.com/security/cve/CVE-2013-0183.html http://support.novell.com/security/cve/CVE-2013-0184.html https://bugzilla.novell.com/805759 http://download.novell.com/patch/finder/?keywords=fe3baf16da4284805596caf983... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
participants (1)
-
opensuse-security@opensuse.org